package com.health.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.health.constant.Constants;
import com.health.dao.UserDAO;
import com.health.model.LoginInfo;

public class PermissionNormalFilter implements Filter
{

	/**
	 * filter the normal(1) permission if the "loginInfo"'s permission > 1,He
	 * has no permission to visit what is after this filter
	 */
	@Override
	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException
	{
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) resp;
		HttpSession session = request.getSession();
		LoginInfo info = (LoginInfo) session.getAttribute(Constants.LOGININFO);
		if (null != info)
		{
			if (info.getPermission() > Constants.PERMISSION_NORMAL)
			{
				// invalid permission
				response.sendRedirect("permission-not-enough.jsp");
			}
			else
			{
				// valid permission
				chain.doFilter(request, response);
			}
		}

	}

	@Override
	public void init(FilterConfig arg0) throws ServletException
	{
		System.out.println("-----PermissionNormalFilter inited-----");
	}

	@Override
	public void destroy()
	{
		System.out.println("-----PermissionNormalFilter destroyed-----");
	}
}
